2024 has been a year marked by significant advancements in the tactics of cybercriminals and the defenses of cybersecurity professionals.
This update provides a brief review of the evolving threat landscape and other email security and administration trends. We’ll also provide a sneak peek into new features planned for 2025.
Top Industries Targeted by Phishing Attacks
Healthcare
The healthcare industry remains a prime target for phishing attacks, with medical records being a particularly valuable asset. Cybercriminals often exploit the sensitive nature of this data to extort or sell it on the dark web.
Notable cyber attacks on the healthcare industry in 2024 include Mississippi Health System, the University of Chicago Medical Center, the Los Angeles County Department of Public Health, and the Illinois Department of Human Services.
Finance & Insurance
The finance and insurance sectors continue to be lucrative targets due to the high value of financial data and the potential for large-scale financial fraud.
Manufacturing
Manufacturing companies, especially those involved in high-tech and critical infrastructure, are increasingly targeted for intellectual property theft and operational disruptions. Between September 2023 and September 2024, phishing attacks targeting the manufacturing industry jumped nearly 83%.
Mining/Oil & Gas
The mining and oil & gas industries are vulnerable to attacks that aim to disrupt operations or steal proprietary information related to resource exploration and extraction.
Retail
Retail businesses are frequently targeted due to the large volume of customer data they handle, including financial and personal information.
Continuing & Evolving Email Scams
QR Code Phishing
QR code phishing has become a popular method for tricking users into visiting malicious websites or downloading malware. Cybercriminals often embed QR codes in emails, text messages, or physical flyers.
Notable events from 2024 include “Quishing” campaigns that abused Microsoft Sway and Teams to host phishing pages.
QR code detection is included in SecurityGateway and coming soon to MDaemon.
AI-Enhanced Phishing
In 2024, we saw a surge of AI-enhanced business email compromise (BEC) attacks. The use of artificial intelligence (AI) in phishing attacks has made email scams more sophisticated and harder to detect. AI can generate convincing emails and even mimic the writing style of known contacts.
Rise in Deepfakes
Deepfake technology has been used to create convincing audio and video content, which can be used to impersonate executives and other trusted individuals in phishing attacks.
Gift Card Scams
Gift card scams involve tricking victims into purchasing and sharing the codes of gift cards, which are then used by the attackers for financial gain. In one such scam, a Hartland, Wisconsin resident lost $1000 after they responded to a phishing email from a bad actor pretending to be the Hartland village president.
Callback Phishing on the Rise
Callback phishing involves tricking users into calling a number provided in a phishing email, where they are then asked to provide sensitive information.
Business Email Compromise (BEC) Continues to Grow
BEC attacks, where attackers impersonate company executives to request wire transfers or sensitive information, remain a significant threat, impacting 70% of organizations during the past year.
DocuSign Phishing
Phishing attacks that mimic DocuSign emails to trick users into clicking on malicious links or downloading malware have become more prevalent.
Dropbox & OneDrive Abuse
Cybercriminals are increasingly using cloud storage services like Dropbox and OneDrive to host and distribute malware, making it harder for traditional security measures to detect these threats.
Cybercriminals Use Large-Scale Phishing Attacks to Exploit HTTP Headers
Attackers are using HTTP headers to steal credentials, often by redirecting users to malicious websites that mimic legitimate login pages.
MDaemon & SecurityGateway Product Updates
While our products continue to be effective at protecting against evolving email threats, they also include a variety of new collaboration and administration features. Here’s a brief overview of what’s new.
New Features in MDaemon
MDaemon 23
Google Drive Integration for MDaemon Webmail: Users can now seamlessly access and manage their Google Drive files directly from MDaemon Webmail.
OAuth 2.0 for Better Integration with GMail & Microsoft 365: Enhanced security and seamless integration with popular email services.
Keyword Flags: Users can flag emails with specific keywords for easy identification and management.
Redesigned Remote Administration: A more intuitive and user-friendly interface for managing MDaemon settings.
MDaemon 23.5
Appointment Booking & Calendar Publishing in MDaemon Webmail: Users can easily book appointments and publish their calendars for improved scheduling and collaboration.
Artificial Intelligence (AI) Email Assist in MDaemon Webmail: AI-powered features help users write better emails.
Passwordless Authentication for Remote Administration & MDaemon Webmail: Enhanced security through passwordless authentication methods such as biometrics.
Security Health Check: A comprehensive tool to assess and improve the security of MDaemon installations by scanning all security settings and making recommendations.
Direct Edit of Configuration Files in Remote Administration: Users can directly edit configuration files for more granular control of mail server settings.
MDaemon 24
ARC (Authenticated Received Chain): Arc is a new feature that enhances email authentication and helps reduce the risk of spoofing. ARC allows mail servers to verify messages forwarded from a mailing list that would normally fail DKIM and SPF checks.
Temporary Links for MDaemon Webmail: Users can generate temporary links to share files securely.
Watch our video to learn more about the new features added in MDaemon versions 21-24:
MDaemon 24.5
Settings Search for MDaemon Remote Administration: In MDaemon Remote Administration, we added a search function to quickly find and manage settings.
OneDrive Integration for MDaemon Webmail: Users can now access and manage their OneDrive files directly from MDaemon Webmail.
Settings Search for MDaemon Webmail: The new search feature allows users to quickly find and manage webmail settings.
New Features in SecurityGateway
SecurityGateway 10
Custom Charts & Reports: Administrators can create custom charts and reports to view email traffic that meets specific criteria, such as undelivered messages or those that were filtered by specific security processes.
QR Code Detection: Enhanced detection of QR code phishing attacks. Messages containing QR codes can be rejected or sent to quarantine for administrator review.
Abusix Mail Intelligence Support: Integration with Abusix Mail Intelligence for better threat detection and response.
SecurityGateway 10.5
ARC (Authenticated Received Chain): Enhanced email authentication for forwarded and mailing list messages.
Feature Search: A search function to quickly find and manage SecurityGateway features.
Location Data in Message Logs: Enhanced logging to include location data, allowing administrators to view which countries inbound emails originated from.
Quarantine Administrator Role: A new role to manage and monitor quarantined emails without providing access to other configuration settings.
More New Features Coming Soon!
Here’s a sneak peek at what’s planned for 2025
MDaemon
Rejected Message Reports: Detailed reports on rejected messages to help identify and mitigate threats.
Improved Support for Closed Networks: Enhanced features for organizations operating in closed or isolated networks.
MDaemon & MDaemon Private Cloud Merged into a Single Installer: The merger of MDaemon and MDaemon Private Cloud into a single installer will simplify the installation process. Cloud features will be enabled when a purchased MDaemon Private Cloud registration key is used.
SecurityGateway
Attachments Classified by Content: Enhanced classification of email attachments to better identify and manage potential threats. Email attachments will no longer be classified by file extension alone, as these can easily be changed in an attempt to trick potential victims into opening them.
Google Workspace User Verification: Integration with Google Workspace to verify user identities.
Restrict Administrator Access by IP: Enhanced security by restricting administrator access to specific IP addresses.
Moving Forward
2024 has been a year of significant challenges and advancements in the world of email security and management. As we look to 2025, it is clear that the battle against cybercrime will continue to evolve while we continue to focus on other areas as well with new administration & collaboration features.
